
06/30/2006 17:42 2023313838 



CAHN & SAMUELS 



PAGE 03/08 



Appl. No. 10/060,310

Amdt. dated June 30, 2006 

Reply to Office action dated May 31, 2006 

AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims in the
application:

Listing of Claims: 

1. (previously presented) A method of operation of a logical unit to facilitate
secure communication between first and second domains comprising: 

receiving an encrypted data transmission over an outbound proxy from a security 
client disposed in the first domain; 

identifying a sender of the encrypted data transmission using a personal identifier 
associated with the data transmission; 

determining whether the sender is authorized to perform the data transmission; 

determining whether the data transmission is recognized; 

decrypting the data transmission if it is determined that the data transmission is 
recognized and the sender is authorized to perform the data transmission; and

transmitting the decrypted data transmission to an application server disposed in 
the second domain. 

2. (original) The method of claim 1 wherein the personal identifier is one of a 
biometric and a digital signature. 

3. (original) The method of claim 1 wherein determining whether the sender 
is authorized to perform the data transmission includes checking an access control list 
to determine the sender's privilege level. 

4. (previously presented) The method of claim 1 further comprising 
preventing the data transmission from reaching the application server if it is determined 
that the data transmission is not recognized and the sender is not authorized to perform 
the data transmission function. 

5. (previously presented) The method of claim 1 further comprising
enhancing the data transmission prior to sending the data transmission. 

6. (currently amended) An article of manufacture comprising: 

a computer usable readable storage medium having computer readable program 
code embodied therein for securely transmitting data from a trusted domain to an 
untrusted domain comprising: 

computer readable program code for causing that causes a first logical unit to
receive an enhanced data transmission over an outbound proxy from a second logical 
unit; 

computer readable program code for causing that causes the first logical unit to 
identify a sender of the enhanced data transmission; 

computer readable program code for causing that causes the first logical unit to 
determine whether the enhanced data transmission is recognized; 

computer readable program code for causing that causes the first logical unit to 
determine whether the sender is authorized to perform the enhanced data transmission; 
and 

computer readable program code for causing that causes the first logical unit to 
de-enhance the data transmission if it is determined that the enhanced data 
transmission is recognized and that the sender is authorized to perform the enhanced 
data transmission; and 

computer readable program code for causing that causes the first logical unit to 
send the de-enhanced data transmission to a third logical unit. 

7. (original) The article of manufacture of claim 6 wherein the data in the 
enhanced data is encrypted. 

8. (original) The article of manufacture of claim 6 wherein enhanced data 
includes biometrically secured data.

9. (currently amended) The article of manufacture of claim 6 further
comprising computer readable program code for causing that causes the first logical
unit to determine a privilege level of the sender by searching an access control list that 
contains the sender's privilege level. 

10. (original) The article of manufacture of claim 6 further comprising program
code for preventing the data from reaching the third logical unit if it is determined that
the sender is not authorized to transmit the data.

11. (cancelled) A logical unit programmed to facilitate secure communication
between first and second domains comprising: 

a processor programmed to receive enhanced data transmitted from a first 
logical unit and to identify the sender of the enhanced data, said processor including a 
plurality of proxies, at least one of the plurality of proxies corresponding to an outbound
proxy of the first logical unit;

an access control list stored in a memory location including access rights for the
sender;

said processor further being programmed to query said access control list to 
determine whether the sender has sufficient rights to perform the data transmission. 

12. (cancelled) A logical system for secure communication between first and 
second domains: 

a first logical unit configured to enhance data and to transmit the enhanced data 
through an outbound proxy across the first secure domain; 

a second logical unit having a plurality of proxies, at least one of the plurality of 
proxies corresponding to the outbound proxy of the first logical unit, said second logical 
unit being configured to receive data from said first logical unit said second logical unit 
defining a boundary between the first domain and the second domain, said second 
logical unit being further configured to identify a sender of the enhanced data, to 
determine whether the sender has sufficient rights to perform the data transmission, 
said processor being further configured to de-enhance the data and to transmit the data 
to a logical unit in the second domain when it is determined that the sender has
sufficient rights to perform data transmission. 

13. (previously presented) The method of claim 1 wherein determining 
whether the data transmission is recognized includes comparing proxies contained in 
said first logical unit to the outbound proxy of the security client. 

14. (cancelled) The logical unit of claim 11 wherein said processor is further
programmed to de-enhance the data and to transmit the de-enhanced data to a logical 
unit in one of the first and second domains. 